CLAIMS 



What is claimed is: 



1 1 . An apparatus comprising: 

2 a file analyzer to perform a scan operation on an incoming file and 

3 produce a scanning result; and 

4 a signature generator to produce a digital signature, inclusive of the 

5 scanning result, of a digital signature chain, the digital signature chain is 

6 verified prior to accessing the incoming file. 

1 2. The apparatus of claim 1, wherein the incoming file is precluded 

2 from being opened if the verified digital signature chain indicates an unacceptable 

3 file integrity. 

1 3. The apparatus of claim 1 , wherein the incoming file is precluded 

2 from being executed if the verified digital signature chain indicates an 

3 unacceptable file integrity. 

1 4. The apparatus of claim 1, wherein the incoming file is accessed if 

2 the verified digital signature chain indicates acceptable file integrity. 
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1 5. The apparatus of claim 1, wherein the file analyzer performs the 

2 scan operation and outputs the scanned file in addition to the scanning result to 

3 accompany the digital signature chain. 

1 6. The apparatus of claim 1 ? wherein the apparatus is employed within 

2 a platform coupled to a local area network that a platform providing the incoming 

3 file is coupled to. 



1 7. The apparatus of claim 1 , wherein the apparatus is employed within 

2 a platform coupled to a wide area network. 

1 8. The apparatus of claim 6, wherein platform comprises at least one 

2 processor, a first control unit and memory including an accessible memory area 

3 and an isolated memory area. 

1 9. The apparatus of claim 8, wherein the platform further comprises a 

2 second control unit coupled to the first control unit, the second control unit 

3 including a token bus interface. 

1 10. The apparatus of claim 9, wherein the platform further comprises a 

2 token bus coupled to the token bus interface and in communication with at least 

3 one token. 
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1 1 1 . A method comprising: 

2 sending a file to a signatory via a network, the signatory checking 

3 the file and providing a digital signature chain indicating file integrity of 

4 the file; 

5 verifying the digital signature chain returned from the signatory via 

6 the network prior to accessing the file; and 

7 accessing the file if the verified digital signature chain indicates an 

8 acceptable file integrity. 

1 12. The method of claim 1 1 , wherein accessing the file comprises 



2 opening the file if the verified digital signature chain indicates the acceptable file 

3 integrity. 



1 13. The method of claim 12, wherein accessing the file further 

2 comprises refusing to open the file if the verified digital signature chain indicates 

3 an unacceptable file integrity. 

1 14. The method of claim 1 1 , wherein verifying the digital signature 

2 chain includes determining whether contents of a digital signature associated with 

3 the digital signature chain include a message regarding the integrity of the file. 

1 15. The method of claim 1 1 , wherein the digital signature chain 

2 includes at least one digital signature and at least one certificate. 
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1 16. The method of claim 1 5, wherein verifying the digital signature 

2 chain includes accessing contents of the at least one certificate to determine if the 

3 signatory is authorized and accessing contents of the at least one digital signature 

4 to determine the integrity of the file. 

1 1 7. The method of claim 1 1 , wherein the network is a local area 

2 network (LAN). 

1 18. The method of claim 1 1 , wherein the network is a wide area 

2 network (WAN). 

1 1 9. The method of claim 1 8 wherein the scanner is one of a virus 

2 detector, an intrusion detector, and a file integrity checker. 

1 20. The method of claim 1 1 wherein the file contains at least one of a 

2 code and a data. 

1 2 1 . A computer program product comprising: 

2 a machine-readable medium having program code embedded 

3 therein, the computer program product comprising: 

4 platform readable program code for sending a file to a remotely 

5 located signatory via a network, the signatory checking the file and 

6 providing a digital signature chain indicating file integrity of the file; 
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platform readable program code for verifying the digital signature 
chain returned from the signatory via the network; and 

platform readable program code for preventing access to the file 
when the verified digital signature chain indicates an unacceptable file 
integrity. 

22. The computer program product of claim 2 1 , wherein the platform 
readable program code precluding access to the file if no digital signature chain is 
associated with the file. 

23 . The computer program product of claim 22, wherein the platform 
readable program code for accessing the file if the verified digital signature chain 
indicates an acceptable file integrity. 
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